Periodic reminder that E2EE chat apps like Signal cannot protect you from a device that betrays you (MDM). I don’t use Signal on any work devices. I can’t do anything about my colleagues who chat with me and do.
Could you explain how MDM would breach E2EE? I know that it can be used to MITM TLS connections, but I’m not aware of a way it would breach E2EE like Signal.
It doesn’t breach E2EE; it gives your employer control over the device. Once messages are decrypted on the phone so you can read them, anything your employer deploys via MDM (screen capture, keylogging, backup/forensics tools, admin unlock, etc.) can potentially copy them.
On a company-owned, fully managed device, you should treat MDM as roughly equivalent to handing your boss an unlocked device: anything you can see on-screen could be captured or exfiltrated by tooling they deploy.